<?php
/**
 *
 *  Pass extractor
 *
 *  Pass extractor
 *
 *  @author     David Lasley, dave -at- dlasley -dot- net
 *  @package    pass-extract
 *  @version    $Id: pass_extract.php 6 2012-12-12 19:16:20Z tass2001@gmail.com $
 *  
 **/
//$pass = new pass_extraction('Some_Application','dherpson','Password01');
//var_dump($pass->current_pass,$pass->raw_data);

/*
 *  Pass extraction class
 */
class pass_extraction{
    /*
     *  @param  string  $app        App to check
     *  @param  string  $username   Username
     *  @param  string  $newPass    Change pass to
     *
     *  @return bool
     */
    public function __construct($app,$username=false,$newPass=false){
        $this->xml_doc = 'userLoginData.xml';
        $this->dom = new DOMDocument;
        $this->dom->load($this->xml_doc);
        $this->username = $username;
        foreach($this->dom->getElementsByTagName('User') as $user){
            if($user->getAttribute('App') == $app){
                if(!$username || $user->getAttribute('Username') == $username){
                    $this->data = array(
                                            'Name'              =>  $user->getAttribute('App'),
                                            'Username'          =>  $user->getAttribute('Username'),
                                            'passwordHash'      =>  $user->getAttribute('passwordHash'),
                                            'domNode'           =>  $user,
                                        );
                }
            }
        }
        if(!$this->data){
            if($newPass && $username){
                $this->current_pass = $newPass;
                $this->data = array(
                                        'Name'              =>  $app,
                                        'Username'          =>  $username,
                                    );
                $this->new_account($app,$username,$newPass);
            }else{
                return false;
            }
        }else{
            if($newPass){
                $this->current_pass = $newPass;
                $this->change_pass($newPass);
            }else{
                $this->current_pass = $this->crypt($this->data['passwordHash'],true);
            }
        }
        return true;
        //if($newPass)
        //    $this->unencrypted = $this->change_pass($app,$newPass);
    }
    /*
     *  Create new account in XML
     *
     *  @param  string  $app    App
     *  @param  string  $user   Username
     *  @param  string  $pass   Pass
     */
    public function new_account($app,$user,$pass){
        $root_el = $this->dom->getElementsByTagName('Users')->item(0);
        $new_user = $this->dom->createElement('User');
        $new_user->setAttribute('App',$app);
        $new_user->setAttribute('Username',$user);
        $new_user->setAttribute('passwordHash',$this->crypt($pass));
        $root_el->appendChild($new_user);
        $this->dom->save($this->xml_doc);
    }
    /*
     *  Change password
     *
     *  @param  string  $pass   Password
     */
    public function change_pass($pass){
        $pass = $this->crypt($pass);
        $this->data['domNode']->setAttribute('passwordHash',$pass);
        $this->dom->save($this->xml_doc);
    }
    /*
     *  Crypt pass
     *
     *  @param  string  $pass       Pass
     *  @param  bool    $decrypt    Decrypt
     *
     *  @return string  En/Decrypted Pass
     */
    public function crypt($pass,$decrypt=false){
        //Note that the below class is not FOSS but can be found (for a price) at www.phillipsdata.com (you're looking for AES.class.php)
        require_once(dirname(__FILE__).'/AES.class.php');
        $iv = substr(sha1($this->data['Name']),-16);
        $key = hash('sha256',$this->data['Username']);
        $key = substr($key,0,strlen($key)/2);
        $aes = new AES($key, "CBC", $iv);
        return ($decrypt) ? $aes->decrypt(base64_decode($pass)) : base64_encode($aes->encrypt($pass));
    }
}
?>